One billion social networkers this year exposed to Cybercrime Kuwait ICT delegates hear

07 mai 2009Notícias de Vírus

The rapidly increasing interaction of consumers with social online networks, mobile phones and other intelligent devices has brought about significant lifestyle benefits that are under a serious threat from cybercriminals according to an international virus analyst.

Addressing the audience of Kuwait’s ICT Security Forum, Stefan Tanase, Malware Analyst at the EEMEA Research Center, Kaspersky Lab Global Research and Analysis Team, said that in 2009 social networking sites will be used by around 80 per cent of all Internet users, the equivalent of more than one billion people.

"The growing popularity of social networking sites has not gone unnoticed by cybercriminals; last year, such sites became a hotbed of malware and spam and yet another source of illegal earnings on the Internet. The Kaspersky Lab collection contained more than 43,000 malicious files relating to social networking sites in 2008 alone," said Tanase.

"Malicious code distributed via social networking sites is 10 times more effective than malware spread via email. Social networks have, approximately, a 10 per cent success rate in terms of infection compared to less than 1 per cent for malware spread via email,” he said.

Stolen names and passwords belonging to the users of social networking sites can be used to send links to infected sites, spam or fraudulent messages such as a seemingly innocent request for an urgent money transfer.

"Generally, users of social networking sites trust other users and accept messages sent by someone on their friends list without thinking; this makes it easy for cybercriminals to use such messages to spread links to infected sites. Various means are used to encourage the recipient to follow the link contained in the message and download a malicious program."

According to the Kaspersky Lab expert, major Web 2.0 platforms such as Facebook or Twitter are highly vulnerable to malware attacks and end users need to be aware of the risks and be ready to take precautionary measures to protect themselves.

A worm recently spread on the popular micro-blogging website Twitter. Being able to execute JavaScript code, it propagated itself from one profile to another by exploiting Cross-Site Scripting (XSS) vulnerabilities in unfiltered inputs on the Twitter profile page.

"What users can do to protect themselves from XSS worms is to only allow JavaScript code to be executed from trusted sources – the NoScript extension in Firefox is helpful - and, of course, to keep their antivirus definitions updated," said Tanase.

During his presentation, Tanase also highlighted the rapid spread of mobile phone hacking.

"In the last week alone we have found five new Trojans which send such money transfer requests without the permission or knowledge of the phone's owner. The goal is to transfer large quantities of small sums in the hope that while individual users might not notice the leak, the overall sum of transfers will be significant.

"There is a rise of the number of attacks targeting mobile phones and a more clear shift towards methods for monetization of these attacks."